1. Home
  2. Vulnerabilities
  3. CVE-2024-0204
9.8
CRITICAL CVSS 3.1
CVE-2024-0204
Authentication Bypass in GoAnywhere MFT
Description

Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.

INFO

Published Date :

Jan. 22, 2024, 6:15 p.m.

Last Modified :

Nov. 21, 2024, 8:46 a.m.

Remotely Exploit :

Yes !

Source :

df4dee71-de3a-4139-9588-11b62fe6c0ff
Affected Products

The following products are affected by CVE-2024-0204 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Fortra goanywhere_managed_file_transfer
: Total Affected Vendor : 1 | Products : 1
CVSS Scores
The Common Vulnerability Scoring System is a standardized framework for assessing the severity of vulnerabilities in software and systems. We collect and displays CVSS scores from various sources for each CVE.
Score Version Severity Vector Exploitability Score Impact Score Source
CVSS 3.1 CRITICAL df4dee71-de3a-4139-9588-11b62fe6c0ff
CVSS 3.1 CRITICAL [email protected]
Solution
Update GoAnywhere Managed File Transfer (MFT) to address an authentication bypass vulnerability.
  • Upgrade to Fortra GoAnywhere Managed File Transfer (MFT) 7.4.1 or later.
  • Upgrade to Fortra GoAnywhere Managed File Transfer (MFT) 7.4.1 or later.
Public PoC/Exploit Available at Github

CVE-2024-0204 has a 26 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2024-0204.

URL Resource
http://packetstormsecurity.com/files/176683/GoAnywhere-MFT-Authentication-Bypass.html Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/176974/Fortra-GoAnywhere-MFT-Unauthenticated-Remote-Code-Execution.html
https://my.goanywhere.com/webclient/ViewSecurityAdvisories.xhtml Permissions Required
https://www.fortra.com/security/advisory/fi-2024-001 Vendor Advisory
http://packetstormsecurity.com/files/176683/GoAnywhere-MFT-Authentication-Bypass.html Third Party Advisory VDB Entry
http://packetstormsecurity.com/files/176974/Fortra-GoAnywhere-MFT-Unauthenticated-Remote-Code-Execution.html
https://my.goanywhere.com/webclient/ViewSecurityAdvisories.xhtml Permissions Required
https://www.fortra.com/security/advisory/fi-2024-001 Vendor Advisory
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-0204 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-0204 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Profile Photo
ibrahmsql/CyberSecurity101-Roadmap

CyberSecurity101-Roadmap

Shell C C++ Crystal C# Go JavaScript Perl PHP PowerShell

Updated: 2 months, 4 weeks ago
8 stars 0 fork 0 watcher
Born at : June 18, 2025, 3:28 p.m. This repo has been linked 4 different CVEs too.
Profile Photo
ibrahmsql/CVE-2024-0204

Fortra GoAnywhere MFT 7.4.1 - Authentication Bypass

Python

Updated: 3 months ago
2 stars 0 fork 0 watcher
Born at : June 15, 2025, 10:41 a.m. This repo has been linked 1 different CVEs too.
Profile Photo
ibrahimsql/CVE-2024-0204

CVE-2024-0204 was discovered in January 2024 and affects all GoAnywhere MFT versions prior to 7.4.1. This vulnerability has been rated as Critical (CVSS 9.8) due to its ease of exploitation and the complete administrative access it provides to vulnerable instances.

Python

Updated: 4 months, 4 weeks ago
0 stars 0 fork 0 watcher
Born at : May 25, 2025, 7:52 p.m. This repo has been linked 1 different CVEs too.
Profile Photo
Ospalus/PPS-Unidad2-Actividad1

Unidad 2 - Actividad 1 RA 2. Trazado de una vulnerabilidad.

Updated: 7 months, 4 weeks ago
0 stars 0 fork 0 watcher
Born at : Feb. 27, 2025, 1:05 p.m. This repo has been linked 1 different CVEs too.
Profile Photo
vjp-ignacioBM/PPS-Unidad2Actividad1-Ignacio

None

Updated: 7 months, 4 weeks ago
0 stars 0 fork 0 watcher
Born at : Feb. 25, 2025, 4:27 p.m. This repo has been linked 1 different CVEs too.
Profile Photo
SergioMP04/PPS-Unidad2Actividad1-SergioMorato

Repositorio creado para la actividad de trazabilidad de vulnerabilidades.

Updated: 7 months, 4 weeks ago
0 stars 0 fork 0 watcher
Born at : Feb. 22, 2025, 9:48 p.m. This repo has been linked 2 different CVEs too.
Profile Photo
jmtatop01/PPS-Unidad2Actividad1-JulioManuel

None

Updated: 7 months, 4 weeks ago
0 stars 0 fork 0 watcher
Born at : Feb. 20, 2025, 4:49 p.m. This repo has been linked 1 different CVEs too.
Profile Photo
Clealg01/PPS-Unidad2Actividad1-Cristian

None

Updated: 7 months, 4 weeks ago
0 stars 0 fork 0 watcher
Born at : Feb. 20, 2025, 4:48 p.m. This repo has been linked 1 different CVEs too.
Profile Photo
vjp-albertoVG/PPS-Unidad2Actividad1-albertoVG

None

Updated: 7 months, 4 weeks ago
0 stars 0 fork 0 watcher
Born at : Feb. 20, 2025, 4:43 p.m. This repo has been linked 1 different CVEs too.
Profile Photo
vjp-raulAP/PPS-Unidad2Actividad1-Raul_Albalat_Perez

None

Updated: 8 months ago
0 stars 0 fork 0 watcher
Born at : Feb. 20, 2025, 4:43 p.m. This repo has been linked 1 different CVEs too.
Profile Photo
Acurtos01/PPS-Unidad2Actividad1-AdrianCurtoSanchez

None

Updated: 7 months, 4 weeks ago
0 stars 0 fork 0 watcher
Born at : Feb. 20, 2025, 3:45 p.m. This repo has been linked 1 different CVEs too.
Profile Photo
vjp-pabloGG/PPS-Unidad2Actividad1-PabloGilGalapero

None

Updated: 7 months, 4 weeks ago
0 stars 0 fork 0 watcher
Born at : Feb. 20, 2025, 3:29 p.m. This repo has been linked 1 different CVEs too.
Profile Photo
vjp-davidLC/vjp-davidLC-PPS-Unidad2Actividad1-David

None

Updated: 8 months ago
0 stars 0 fork 0 watcher
Born at : Feb. 19, 2025, 11 a.m. This repo has been linked 1 different CVEs too.
Profile Photo
vjp-mansurSY/PPS-Unidad2Actividad1-MansurSY

None

Updated: 8 months ago
0 stars 0 fork 0 watcher
Born at : Feb. 18, 2025, 3:26 p.m. This repo has been linked 2 different CVEs too.
Profile Photo
vjp-angelPB/PPS-Unidad2Actividad1-Angel

Trazado de una vulnerabilidad.

Updated: 7 months, 4 weeks ago
0 stars 0 fork 0 watcher
Born at : Feb. 17, 2025, 7:14 p.m. This repo has been linked 2 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2024-0204 vulnerability anywhere in the article.

  • Daily CyberSecurity
Critical RCE (CVE-2025-10035) in GoAnywhere MFT Used by Medusa Ransomware Group

Microsoft Threat Intelligence has issued a warning following the discovery of active exploitation of a newly disclosed critical vulnerability in GoAnywhere Managed File Transfer (MFT) software by the ... Read more

Published Date: Oct 07, 2025 (2 weeks, 4 days ago)
  • The Register
Ding ding: Fortra rings the perfect-10 bell over latest GoAnywhere MFT bug

Budding ransomware crooks have another shot at exploiting Fortra's GoAnywhere MFT product now that a new 10/10 severity vulnerability needs patching. The vendor issued an advisory for CVE-2025-10035 o ... Read more

Published Date: Sep 19, 2025 (1 month ago)
  • The Hacker News
Fortra Releases Critical Patch for CVSS 10.0 GoAnywhere MFT Vulnerability

Sep 19, 2025Ravie LakshmananVulnerability / Threat Intelligence Fortra has disclosed details of a critical security flaw in GoAnywhere Managed File Transfer (MFT) software that could result in the e ... Read more

Published Date: Sep 19, 2025 (1 month ago)
  • Cybersecurity News
Phishing Frenzy: Cloudflare Domains Exploited in Latest Attacks

A new report from cybersecurity firm Fortra has revealed a dramatic increase in the abuse of Cloudflare’s pages.dev and workers.dev domains for phishing attacks. This abuse capitalizes on Cloudflare’s ... Read more

Published Date: Dec 05, 2024 (10 months, 2 weeks ago)
  • Kaspersky
Advanced threat predictions for 2025

We at Kaspersky’s Global Research and Analysis Team monitor over 900 APT (advanced persistent threat) groups and operations. At the end of each year, we take a step back to assess the most complex and ... Read more

Published Date: Nov 25, 2024 (11 months ago)
  • Cybersecurity News
CVE-2024-6633 (CVSS 9.8): Critical Flaw in Fortra FileCatalyst Workflow

Fortra, a prominent provider of enterprise file transfer solutions, has released an urgent security advisory highlighting two critical vulnerabilities within its FileCatalyst Workflow product. Designa ... Read more

Published Date: Aug 28, 2024 (1 year, 1 month ago)
  • Cybersecurity News
Windows Users Beware: CVE-2024-6768 – New ‘Blue Screen of Death’ Vulnerability Affects All

A newly discovered vulnerability in the Windows operating system has raised concerns among cybersecurity experts due to its potential to trigger the infamous “Blue Screen of Death” (BSOD). Identified ... Read more

Published Date: Aug 13, 2024 (1 year, 2 months ago)

Results are limited to the first 20 news articles due to potential performance issues.

The following table lists the changes that have been made to the CVE-2024-0204 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by af854a3a-2127-422b-91ae-364da2661108

    Nov. 21, 2024

    Action Type Old Value New Value
    Added Reference http://packetstormsecurity.com/files/176683/GoAnywhere-MFT-Authentication-Bypass.html
    Added Reference http://packetstormsecurity.com/files/176974/Fortra-GoAnywhere-MFT-Unauthenticated-Remote-Code-Execution.html
    Added Reference https://my.goanywhere.com/webclient/ViewSecurityAdvisories.xhtml
    Added Reference https://www.fortra.com/security/advisory/fi-2024-001
  • CVE Modified by df4dee71-de3a-4139-9588-11b62fe6c0ff

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by df4dee71-de3a-4139-9588-11b62fe6c0ff

    Feb. 02, 2024

    Action Type Old Value New Value
    Added Reference Fortra http://packetstormsecurity.com/files/176974/Fortra-GoAnywhere-MFT-Unauthenticated-Remote-Code-Execution.html [No types assigned]
  • Initial Analysis by [email protected]

    Jan. 29, 2024

    Action Type Old Value New Value
    Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    Changed Reference Type http://packetstormsecurity.com/files/176683/GoAnywhere-MFT-Authentication-Bypass.html No Types Assigned http://packetstormsecurity.com/files/176683/GoAnywhere-MFT-Authentication-Bypass.html Third Party Advisory, VDB Entry
    Changed Reference Type https://my.goanywhere.com/webclient/ViewSecurityAdvisories.xhtml No Types Assigned https://my.goanywhere.com/webclient/ViewSecurityAdvisories.xhtml Permissions Required
    Changed Reference Type https://www.fortra.com/security/advisory/fi-2024-001 No Types Assigned https://www.fortra.com/security/advisory/fi-2024-001 Vendor Advisory
    Added CWE NIST CWE-425
    Added CPE Configuration OR *cpe:2.3:a:fortra:goanywhere_managed_file_transfer:6.0.0:*:*:*:*:*:*:* *cpe:2.3:a:fortra:goanywhere_managed_file_transfer:*:*:*:*:*:*:*:* versions from (including) 7.0.0 up to (excluding) 7.4.1
  • CVE Modified by df4dee71-de3a-4139-9588-11b62fe6c0ff

    Jan. 24, 2024

    Action Type Old Value New Value
    Added Reference Fortra http://packetstormsecurity.com/files/176683/GoAnywhere-MFT-Authentication-Bypass.html [No types assigned]
  • CVE Received by df4dee71-de3a-4139-9588-11b62fe6c0ff

    Jan. 22, 2024

    Action Type Old Value New Value
    Added Description Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal.
    Added Reference Fortra https://www.fortra.com/security/advisory/fi-2024-001 [No types assigned]
    Added Reference Fortra https://my.goanywhere.com/webclient/ViewSecurityAdvisories.xhtml [No types assigned]
    Added CWE Fortra CWE-425
    Added CVSS V3.1 Fortra AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
Vulnerability Scoring Details
Base CVSS Score: 9.8
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact
Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

93.05 }} -0.29%

score

0.99773

percentile